Infrastructure-level cloud security

- [Instructor] So let's look at infrastructure security,…and let's look specifically at Amazon Web Services.…Security, as I said in the previous video,…is a shared responsibility between your cloud provider…and you, the client.…You're the customer of this system.…It's your platform that you've allocated.…It's your content,…and so you're responsible for protecting it.…That doesn't mean the cloud provider is off the hook…for providing basic security systems,…such as log-on and password management.…However, whether or not you encrypt your information,…how it's secured,…how it's revisioned,…and how it's protected is really up to you.…

So the clients are responsible for their security…in the cloud.…So keep that in mind.…Can't repeat that enough because a lot of people…stick information in the cloud…with the assumption that the cloud provider's…taking care of security.…That's not the case.…They provide you the mechanisms,…but the responsibility falls on you.…So you have the client content,…platform application,…identity and access management systems,…

Resume Transcript Auto-Scroll

Author

Released

11/3/2016

Understand the basics of cloud security, including security levels, services available, and selection criteria. Beginning with the basics, instructor David Linthicum explains the business case for cloud security and the levels and models available, including infrastructure-, application-, and data-level security; identity and risk management; encryption; and multifactor authentication. He then dives into the services offered by the top three cloud providers: Amazon, Microsoft, and Google. He reviews the compliance issues that affect specific industries, including health care and finance, and reviews the points you need to consider when identifying your security requirements and the security tools, services, and software to best meet those needs.